Docs/Changelogs/Breaking: @insureco/relay 0.5.0

@insureco/relay 0.5.0

Released: 2026-01-15

Legacy JWT_SECRET auth deprecated. 'from' field deprecated in SendOptions. Fire-and-forget pattern enforced.

Breaking Changes

🟠 ERROR — relay-jwt-secret-auth

Using JWT_SECRET + PROGRAM_ID to initialize RelayClient is deprecated and will be removed in @insureco/relay 1.0.0. The builder now auto-provisions BIO_CLIENT_ID + BIO_CLIENT_SECRET for all services. RelayClient.fromEnv() automatically uses these. jwtSecret/programId constructor params still exist but are marked @deprecated in source (RelayClientConfig lines 117-125).

@insureco/relay 0.5.0: jwtSecret auth is deprecated.

REMOVE:
  new RelayClient({ jwtSecret: process.env.JWT_SECRET, programId: '...' })

REPLACE WITH:
  RelayClient.fromEnv()
  // Automatically uses BIO_CLIENT_ID + BIO_CLIENT_SECRET (auto-injected by builder)

For local dev, set RELAY_DIRECT_URL=http://localhost:4001 in .env.local.
RelayClient.fromEnv() handles all three cases: local, sandbox, and production.

Deprecations

🟡 relay-from-field

The 'from' field in SendOptions is deprecated. Use 'fromName' instead. Confirmed @deprecated in iec-relay-sdk/src/types.ts (SendOptions interface). The from field still works but will be removed in @insureco/relay 1.0.0. Note: the actual sender address is always controlled by the platform — fromName sets the display name only.

EOL: 2027-01-01

@insureco/relay: The 'from' field in sendEmail options is deprecated.

CHANGE:
  options: { from: 'My Service' }

TO:
  options: { fromName: 'My Service' }

Note: fromName sets the display name only. The actual from address
is always your org's configured domain or [email protected].
Will be removed in @insureco/relay 1.0.0.

🟡 relay-await-in-handler

Awaiting relay.sendEmail() or relay.sendSMS() in HTTP request handlers blocks the response until delivery completes. Email/SMS are not on the critical path. A relay outage will cause your API to time out for all users. Use fire-and-forget with .catch() instead.

EOL: 2027-06-01

@insureco/relay: Avoid awaiting relay.sendEmail() / relay.sendSMS() in request handlers.

CHANGE:
  await relay.sendEmail({ ... })

TO:
  relay.sendEmail({ ... })
    .catch((err) => logger.warn({ err }, 'Email send failed'))

Fire-and-forget keeps your API response fast even if relay is slow or down.
Always include .catch() to log failures — silent drops mean compliance gaps.

🟡 relay-program-id-config

programId in RelayClientConfig is deprecated alongside jwtSecret. If your code sets programId, it is using the legacy JWT auth path.

EOL: 2027-01-01

@insureco/relay: programId is part of the deprecated legacy JWT auth.
Switch to RelayClient.fromEnv() which uses BIO_CLIENT_ID + BIO_CLIENT_SECRET.

Migration

Migrating from: 0.4.x

Guide: https://tawa.insureco.io/docs/relay

Notes

RelayClient.fromEnv() auto-detects the right auth mode:

  1. RELAY_DIRECT_URL set → local dev mode (bypasses Janus)
  2. BIO_CLIENT_ID + BIO_CLIENT_SECRET set → production (auto-injected by builder)
  3. JWT_SECRET + PROGRAM_ID set → legacy mode (deprecated, still works)

No code changes needed if you already use RelayClient.fromEnv() and the builder provisions your credentials. The builder always sets BIO_CLIENT_ID + BIO_CLIENT_SECRET, so mode 2 is the default in all deployed services.

Last updated: February 28, 2026